locked
Exchange 2013 does not permit sending messages to addresses with ".@" substring RRS feed

  • Question

  • I have Exchange 2013 CU2. Recently, one of our users received an e-mail message with sender's address user_a.b.@domain.com. It was impossible to reply to that address because Exchange refused to accept it:

    ----- The following addresses had permanent fatal errors ----- <ADDRESS> (reason: 501 5.1.3 Invalid address)

    It was possible to send the message if the second dot was removed (i.e. no more ".@" combination). Of course, it could not be delivered anyways (no such mailbox).

    I've conducted some experiments and found that both my mail server running Sendmail and Google mail system accept that address and deliver messages to it.

    Why does Exchange behave in such a way?

    Tuesday, August 20, 2013 12:00 PM

Answers

  • This does not appear to be a valid SMTP address because of the trailing dot before the @ symbol. To the best of my knowledge you cannot begin or end the local portion of an address with the dot character unless there is addtional non-whitespace valid RFC characters on either side of the dot as the dot symbol is used as a separation character.

    The reason it works with GMail is they ignore (or at least used to) all dots in a username as a way to prevent one person from registering john.doe@gmail and another person registering johndoe@gmail.com and trying to spoof the identity. You could send mail to either example and it would arrive in the same single mailbox. Google Apps does recognize dots in a username.

    See the first explanation here; https://support.google.com/mail/answer/10313?topic=14822


    Senior Program Manager, Exchange Customer Advisory Team

    NOTICE: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, August 20, 2013 3:08 PM
  • RFCs are no fun to read and I'll never claim to understand all of them. For non-techs, I try to put it into situations they understand. For example... "Not all drivers obey the speed limits, but those whom do will meet less police officers." or perhaps "Not all people practice safe handling of fireworks, but those whom do will have a better chance of keeping all of their fingers and toes."

    I did some digging and I think this is what you need from RFC822 (bolding mine if it shows up). If dot is a lexical separator, then text must exist after the dot and before the @ symbol.

    http://tools.ietf.org/html/rfc822

    "6.2.4.  DOMAIN-DEPENDENT LOCAL STRING

    The local-part of an addr-spec in a mailbox  specification (i.e., the host's name for the mailbox) is understood to be whatever the receiving mail protocol server allows.  For example, some systems do not understand mailbox references of the form "P. D. Q. Bach", but others do.

    This specification treats periods (".") as lexical separators. Hence,  their  presence  in  local-parts which are not quoted-strings, is detected.  However,  such occurrences carry NO semantics. That is, if a local-part has periods within it, an address parser will divide the local-part into several tokens, but the sequence of tokens will be treated as one uninterpreted unit.  The sequence will be re-assembled,  when the address is passed outside of the system such as to a mail protocol service.

    For example, the address:

    First.Last@Registry.Org
        
    is legal and does not require the local-part to be surrounded with quotation-marks. (However, "First  Last" DOES require quoting.)  The local-part of the address, when passed outside of the mail system, within the Registry.Org  domain, is "First.Last", again without quotation marks."


    Senior Program Manager, Exchange Customer Advisory Team

    NOTICE: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Wednesday, August 21, 2013 2:49 PM

All replies

  • This does not appear to be a valid SMTP address because of the trailing dot before the @ symbol. To the best of my knowledge you cannot begin or end the local portion of an address with the dot character unless there is addtional non-whitespace valid RFC characters on either side of the dot as the dot symbol is used as a separation character.

    The reason it works with GMail is they ignore (or at least used to) all dots in a username as a way to prevent one person from registering john.doe@gmail and another person registering johndoe@gmail.com and trying to spoof the identity. You could send mail to either example and it would arrive in the same single mailbox. Google Apps does recognize dots in a username.

    See the first explanation here; https://support.google.com/mail/answer/10313?topic=14822


    Senior Program Manager, Exchange Customer Advisory Team

    NOTICE: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, August 20, 2013 3:08 PM
  • Brian,

    Thank you for the comment.

    However, I didn't talk about GMail accepting such addresses for gmail.com domain. Quite the opposite, it accepts such messages for delivery to other mail domains which don't belong to Google. In addition, Sendmail behaves in the same way: it accepts the message and tries to deliver it to an external mail organization.

    I can accept your explanation, although I cannot find a direct prohibition of such combination in RFCs. However, it's quite difficult to explain to users why the message cannot be send using our corporate mail system while free mail servers could do it without a glitch. You see, users tend to know little about RFCs and other things like that. :)


    Wednesday, August 21, 2013 4:32 AM
  • RFCs are no fun to read and I'll never claim to understand all of them. For non-techs, I try to put it into situations they understand. For example... "Not all drivers obey the speed limits, but those whom do will meet less police officers." or perhaps "Not all people practice safe handling of fireworks, but those whom do will have a better chance of keeping all of their fingers and toes."

    I did some digging and I think this is what you need from RFC822 (bolding mine if it shows up). If dot is a lexical separator, then text must exist after the dot and before the @ symbol.

    http://tools.ietf.org/html/rfc822

    "6.2.4.  DOMAIN-DEPENDENT LOCAL STRING

    The local-part of an addr-spec in a mailbox  specification (i.e., the host's name for the mailbox) is understood to be whatever the receiving mail protocol server allows.  For example, some systems do not understand mailbox references of the form "P. D. Q. Bach", but others do.

    This specification treats periods (".") as lexical separators. Hence,  their  presence  in  local-parts which are not quoted-strings, is detected.  However,  such occurrences carry NO semantics. That is, if a local-part has periods within it, an address parser will divide the local-part into several tokens, but the sequence of tokens will be treated as one uninterpreted unit.  The sequence will be re-assembled,  when the address is passed outside of the system such as to a mail protocol service.

    For example, the address:

    First.Last@Registry.Org
        
    is legal and does not require the local-part to be surrounded with quotation-marks. (However, "First  Last" DOES require quoting.)  The local-part of the address, when passed outside of the mail system, within the Registry.Org  domain, is "First.Last", again without quotation marks."


    Senior Program Manager, Exchange Customer Advisory Team

    NOTICE: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Wednesday, August 21, 2013 2:49 PM
  • Brian,

    Thank you for the explanation. I like your example with drivers, so I'll explain it to users in your way. :)

    While I'm not happy with the situation, now at least I can explain the problem to mail administrators who create invalid addresses like that. Also, we can avoid legal consequences if we cannot answer a message with such a return address (in certain situations we are fined if we don't answer a message).

    By the way, I've found that Exchange accepts messages with trailing dot in the local part if it's surrounded by quotation marks, "user."@domain.com for example. It could remediate the situation, too.

    Thank you again.

    Thursday, August 22, 2013 4:13 AM
  • You're welcome. Quotes text strings are considered valid local parts of email addresses. You can also do crazy things like comments within parenthesis, for example the address

    brian."%%".day(is useless)@contoso.com

    ...is considered valid.


    Senior Program Manager, Exchange Customer Advisory Team

    NOTICE: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, August 22, 2013 11:41 AM